WO2014205148A1 - Outil d'authentification permanente - Google Patents

Outil d'authentification permanente Download PDF

Info

Publication number
WO2014205148A1
WO2014205148A1 PCT/US2014/043056 US2014043056W WO2014205148A1 WO 2014205148 A1 WO2014205148 A1 WO 2014205148A1 US 2014043056 W US2014043056 W US 2014043056W WO 2014205148 A1 WO2014205148 A1 WO 2014205148A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
input device
usage
application
usage characteristic
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/US2014/043056
Other languages
English (en)
Inventor
Joseph S. VALACICH
Jeffrey L. JENKINS
John Howie
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
University of Arizona
Original Assignee
University of Arizona
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by University of Arizona filed Critical University of Arizona
Publication of WO2014205148A1 publication Critical patent/WO2014205148A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • AHUMAN NECESSITIES
    • A61MEDICAL OR VETERINARY SCIENCE; HYGIENE
    • A61BDIAGNOSIS; SURGERY; IDENTIFICATION
    • A61B5/00Measuring for diagnostic purposes; Identification of persons
    • A61B5/16Devices for psychotechnics; Testing reaction times ; Devices for evaluating the psychological state
    • A61B5/164Lie detection
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/32User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required

Definitions

  • the present invention relates to a system and a method for establishing user identities through continuously monitoring input device usage.
  • the present invention relates to a system and a method for computer user profiling based on behavioral biometrics.
  • the method generally comprises establishing profiles of a particular computer user based on how and the way an input device is used.
  • insider threats a trusted adversary who operates within an organization's boundaries - are a significant danger to both private and public sectors, and are often cited as the greatest threat to an organization. They include disgruntled employees or ex-employees, potential employees, contractors, business partners, or auditors.
  • the damage caused by an insider threat can take many forms, including workplace violence; the introduction of malware into corporate networks; the theft of information, corporate secrets, or money; the corruption or deletion of data; and so on.
  • Estimates indicate insider threats alone cost organization and society "tens, if not hundreds of billions of dollars" in damages.
  • the identification process of insider threats is heightened in very large organizations. For instance, identifying a small number of potential insider threats within an organization with thousands of employees is a literal "needle in the haystack" problem.
  • Insider threats may conceal their identity, making it difficult for organizations to identify and detain them. According to a recent survey, it takes 416 days on average to contain an insider attack (HP Cyber Risk Report, 2012).
  • Usernames and passwords (sometimes accompanied by dual-factor authentication) are the prominent technique for verifying the identity of users.
  • insider threats can exploit. For example, insider threats can steal one's credentials and use them to login to sensitive networks, which is currently one the greatest sources of large scale cyber breaches (e.g., Hurtado 2011; Trustware 2012).
  • biometrics To overcome such limitations, researchers have sought alternative forms of authentication that cannot be stolen, such as biometrics. These techniques are often expensive to deploy or require special hardware. Furthermore, even the most sophisticated biometrics are rendered useless if a well-meaning user leaves a network open (e.g., not locking computers, unintentionally opening backdoors into the system, etc.).
  • One particular aspect of the invention is a behavioral biometric-based user verification system.
  • behavioral biometric-based refers to
  • a system and/or a method of the invention provides a continuous authentication tool ("CAT") for user verification.
  • CAT is a low-footprint tool that can be installed on client computers to continuously monitor how and the way one uses the computer.
  • the method of invention comprises monitoring input device(s) usage characteristics of a computer user to authenticate the identity.
  • the system (and/or method) of invention can include developing a signature to uniquely identify users based on soft biometrics including how and the way one uses the input device (e.g., how one types and mouses).
  • the behavioral biometrics is developed for a particular device (i.e., the same user will have a different profile on a tablet versus a notebook versus a smartphone).
  • the system is also based on behavioral system usage features (e.g., how one uses the computer, including what applications are used, how one uses the applications (e.g., use of keyboard versus mouse for a certain task etc.), timing of use (e.g., what time of the day a particular application is often used, the duration of using a particular application, etc.), as well as other characteristics).
  • behavioral system usage features e.g., how one uses the computer, including what applications are used, how one uses the applications (e.g., use of keyboard versus mouse for a certain task etc.), timing of use (e.g., what time of the day a particular application is often used, the duration of using a particular application, etc.), as well as other characteristics).
  • biometric- behavioral signature e.g., how one uses the computer, including what applications are used, how one uses the applications (e.g., use of keyboard versus mouse for a certain task etc.), timing of use (e.g., what time of the day a particular application is often used
  • continuously authenticate a user is used to describe authenticating a user continuously as well as at discreet intervals, e.g., every few seconds, minutes, hours, etc., or at any time an input device is used, etc.
  • CAT continuously authenticates the user (rather than just when entering a username or password).
  • policy-based actions can be executed such as locking the system, alerting a system administrator, or alerting the legitimate user.
  • the system also provides forensics to assist in identifying malicious insiders who use stolen credentials.
  • Some aspects of the invention provide a system and/or a method for computer user profiling based on the user's behavioral biometrics.
  • the system and/or method of invention also include establishing distinctive profiles for a user based on the user's input device usage characteristics.
  • the usage characteristic comprises how and the way the user uses the input device.
  • Exemplary input devices include, but are not limited to, mouse, keyboard, touchscreen, stylus, microphone (e.g., for using a voice command), joystick, etc.
  • Some of the variables for how the user uses the input device include, but are not limited to, input device dynamics.
  • the keyboard (i.e., input device) dynamics include, but are not limited to, the dwell time (the length of time a key is held down), transition time (the time to move from one key to another) for keyboard actions, rollover time, key pressing pressure, speed of typing, etc.
  • the collected actions are translated and analyzed in order to produce a pattern.
  • an algorithm generates a Keystroke Dynamics Signature (KDS), which is used as the user's reference profile.
  • KDS Keystroke Dynamics Signature
  • the user's reference profile can be continuously updated. For example, as long as the user has been authenticated (i.e., the identity has been verified), one can update the user reference profile, thereby providing a more reliable reference profile.
  • the user reference profile can also include the range of input device usage characteristics. For example, the length of time a key is held down by the user can vary from day to day or from situation to situation.
  • the reference profile can be established by identifying a certain acceptable ranges for a give input device usage
  • the user reference profile i.e., user's input device usage characteristic
  • the user reference profile is the input device usage characteristic of the user during the same or substantially the same (i.e., within an hour) time of the day. For example, if the current input device usage characteristic is determined at 9 o'clock in the morning, the reference input device usage characteristic is one that was taken from about 8 o'clock to about 10 o'clock in the morning the previous day. In this manner, substantially the same time period of the day (i.e., + 2 hour, often + 1 hour) results are compared. In some instances, the reference input device usage
  • the characteristic is the input device usage characteristic of the user that was determined same day of the week. For example, the input device usage characteristic of the user on Monday morning is compared to the user's input device usage characteristic that was determined Monday morning of the previous week.
  • the KDS is constructed using a key oriented neural network based approach, where a neural network is trained for each keyboard key to best simulate its usage dynamics with reference to other keys.
  • the input device is a pointing device such as a mouse
  • the pointing device dynamics include, but are not limited to, comparing selected pointing device actions generated by the user as a result of user's interaction with a graphical user interface (GUI) or any other display shown on the display screen. The data obtained from these actions are then processed in order to analyze the behavior of the user.
  • GUI graphical user interface
  • Pointing device actions include general pointing device movement, drag and drop, point and click, and silence (i.e., no movement).
  • the behavioral analysis utilizes neural networks and statistical approaches to generate a number of factors from the captured set of actions; these factors are used to construct what is called a Pointing Device Dynamics Signature (PDDS), a unique set of values characterizing the user's behavior over the monitoring period.
  • PDDS Pointing Device Dynamics Signature
  • Some of the factors include calculating the average speed against the traveled distance, or calculating the average speed against the movement direction, the total distance travelled how a user accelerates and decelerates during a movement, the precision of movements, the force of movements, the click latency, click pressure, the direction changes during the movement, velocity of the movement, etc.
  • the detection algorithm for an input device calculates the significance of each factor with respect to the other factors in the same signature, and with respect to its corresponding values in other users signatures.
  • a neural network is trained for each enrolled user resulting different detection scheme to be used for each of them.
  • Some factors for the way the user uses the input device include, but are not limited to, which input device (e.g., keyboard or mouse) is used for a particular task such as a menu item, which input device is used to switch between applications (keyboard or a pointing device), etc.
  • the collected actions are translated and analyzed in order to produce a pattern, e.g., the frequency of using a keyboard or a pointing device for selecting a particular menu item and/or switching between applications, etc.
  • the detection algorithm for the way the user uses an input device also calculates the significance of each factor.
  • an input device refers to any device that allows a user to communicate or interact with a central processor based apparatus, such as a computer, a tablet (e.g., iPad®), a smart phone, etc.
  • a central processor based apparatus such as a computer, a tablet (e.g., iPad®), a smart phone, etc.
  • a computer e.g., iPad®
  • a smart phone e.g., Samsung Galaxy S III
  • the present invention is primarily described in reference to using a computer.
  • the systems and methods of the invention are also applicable to all other central processor based apparatuses including, but not limited to tablets, smartphones, etc.
  • Exemplary input devices include, but are not limited to, a keyboard, a pointing device (such as a mouse, touch pad, trackball, joystick, stylus, etc.), microphone, stylus, and a touch screen. It should be appreciated some devices can be used as more than one type of input device. For example, a touch screen and a stylus can be used as a keyboard as well as a pointing device; and a keyboard can also be used as a pointing device, e.g., by using the arrow keys.
  • the user verification system comprises:
  • a data interception unit configured to intercept inputs from a user that are directed to an application other than a user authentication application, wherein the data interception unit is configured to passively collect input device usage characteristics
  • a behavior analysis unit operatively connected to said data interception unit to receive the passively collected usage characteristic of said input device
  • a behavior comparison unit operatively connected to said behavior analysis unit, wherein said system dynamically monitors and passively collects behavioral biometric information, and translates said behavioral biometric information into representative data, stores and compares different results, and outputs a user identity result associated with authorization of the user.
  • the input device usage characteristics comprise how and/or the way (or the manner in which) the user uses the input device for a particular application.
  • the user verification system of the invention includes usage characteristics based on the way the user uses the input device(s). For example, the signature of a particular user can include the frequency of using a keyboard for a menu short cut or a selection item compared to the user's use of a pointing device. By including the way the user uses the computer in the usage characteristic, a more accurate verification system is provided.
  • the user verification system includes both how the user uses the input device (i.e., input device dynamics) and the way the user uses the input device.
  • the user verification system also includes a system that captures one or more of the following: the current processes running on the computer (e.g., applications), what time they were initiated and ended, and how long they have been running, what combination or applications are used concurrently, how often a particular application is used, etc.
  • said input device comprises a touch screen, a stylus, a microphone, a pointing device (e.g., a mouse, trackball, touch pad, etc.), a remote camera, a joystick, or a combination thereof.
  • said data interception unit is configured to passively collect usage characteristics comprising how and the way the user uses a plurality of input devices.
  • a relatively simple data interception unit can be configured to collect usage characteristics of a keyboard and a mouse or other pointing device such as a touch pad, trackball, etc. Regardless of the number of input devices, the data interception unit collects the usage characteristics on how and the way each of the input device is used.
  • said data interception unit is configured to passively collect usage characteristics comprising the way the user selects a menu item, switches between applications, or a combination thereof.
  • said user verification system is suitably configured for real-time monitoring.
  • the user verification system includes monitoring one or more of the following: how long the user uses a particular program or application; what programs or applications are used together; the frequency of using a particular combination of programs or applications; routines in using programs or applications; times of the day the user uses the program or the application, etc.
  • Yet another aspect of the invention provides a method of characterizing a user comprising the steps of:
  • said usage characteristic comprises how and the way the user uses the input device (e.g., user's data entry and interaction methods) for the application;
  • the method of characterizing a user further comprises comparing said signature with a signature of an authorized user.
  • the method of characterizing a user further comprises the step of filtering said data after processing and before developing the signature to reduce noise.
  • the method of characterizing a user further comprises the steps of processing said data, and developing the signature in real-time.
  • the usage characteristic can include finger movement, precise timing, and applied pressure between the initial position of a pointer and the answer on the display screen selected by the subject.
  • the usage characteristic can include finger movement, precise timing, and applied pressure between the initial position of a pointer and the answer on the display screen selected by the subject.
  • the usage characteristic can include speed, total distance travelled, initial direction of movement, total response time, change in direction on the x-axis, change in direction on the y- axis, idle time, area under the curve, amount of deviation, reaction time, applied pressure, changes in angle, the pattern of a users' acceleration or deceleration during a movement, the precision of movements, the click latency, click pressure, or a combination of two or more thereof.
  • area under the curve refers to the area formed by the total distance travelled by the user starting from the starting position of the pointer (x l s yi) to the answer selected by the subject (x 2 , y 2 ), and the distance between yi and y 2 (i.e., absolute value of yi-y 2 ) and the distance between xi and x 2 . (i.e., absolute value of xi-x 2 ).
  • said pointing device e.g., mouse
  • said pointing device e.g., mouse
  • said pointing device is based on the speed, total distance travelled, initial direction of movement, total response time, change in direction on the x-axis, change in direction on the y-axis, the pattern of a users' acceleration or deceleration during a movement, the precision of movements, the click latency, click pressure, idle time, area under the curve, amount of deviation, reaction time, changes in angle, or a combination of two or more thereof.
  • said data interception unit is further configured to passively collect keyboard usage characteristic of the subject.
  • said keyboard usage characteristic comprises what key was pressed, what time (e.g., elapsed time between presenting the question on the display screen and the time) a key was pressed, what time it was released, or a combination thereof.
  • said keyboard usage characteristic can be based on or includes at least one of speed, transition time, dwell time, rollover time, pressure of key pressed, or a combination thereof.
  • Figure 1 is a schematic illustration of one particular embodiment of a continuous authentication tool (i.e., CAT) signature.
  • CAT continuous authentication tool
  • the user verification is suitably configured for dynamic monitoring of input device to authenticate users. While the present invention can be used to monitor any input device suitable for a particular application or program used, for the sake of brevity and clarity, the present invention will now be described in reference to using a mouse and a keyboard. However, it should be appreciated that the scope of the invention encompasses all known or latter developed input devices.
  • CAT utilizes behavioral features from other levels of the user interaction (Layers 1, 3-6).
  • Layer 2 in some embodiments, CAT utilizes Layer 3, 4 or a combination thereof.
  • CAT in addition to Layer 2 and at least one of layer 3 and 4, CAT utilizes Layer 5, 6, or a combination thereof.
  • the Way One Mouses This feature refers to how one uses the mouse to navigate an application. For example, most applications have alternative ways of accomplishing the same thing (e.g., selecting copy from the Edit menu, right clicking and selecting copy from a popup menu, or typing CTRL + C to copy).
  • the present inventors have discovered that people use the mouse consistently overtime. Furthermore, people have different levels of efficacy of using a program. Some people know exactly where to find functionality to accomplish a task; whereas others must explore the interface to find desired functionality.
  • the Way One Types This feature is based on how one uses the keyboard. For example, "power users" typically use the keyboard very differently from normal users. Most of the power users use key shortcuts (e.g., ALT+TAB to switch between programs, CTRL+C to copy, ALT+F4 to quit a program, etc.), whereas the normal users typically use fewer shortcuts and utilize the mouse more. As another example, users differ in how they enter numbers (e.g., the keypad verses the numbers along the top of the keyboard), and users become acclimated to different keyboard sizes and formats; when they use a keyboard they are not use to, these differences are evident.
  • key shortcuts e.g., ALT+TAB to switch between programs, CTRL+C to copy, ALT+F4 to quit a program, etc.
  • users differ in how they enter numbers (e.g., the keypad verses the numbers along the top of the keyboard), and users become acclimated to different keyboard sizes and formats; when they use a keyboard they are not use to
  • a power user may use the command prompt to run different programs, or modify settings. Whereas a normal users would likely use the graphical interface to run programs. In addition, people have preferences in programs that they use on their devices (internet browsers, productivity software, entertainment software, apps, etc.).
  • What Time One Uses a Program This feature is based on when someone normally uses applications. For example, if someone normally uses their workstation from 8:00 am - 5:00 pm, a use at 1 :00 am might indicate a likelihood of an intruder. Or if someone normally does not use their computer during the lunch hour, abnormal use during the lunch hour may indicate an intruder.
  • an authentication signature is developed for each user device and for the applications each person uses. See, for example, Figure 1.
  • a learning algorithm evolves the signature over time as usage patterns and devices for a particular user evolve.
  • Anomalies e.g., intruders
  • Anomalies are detected based on the degree the actual user's signature differs from the authenticated user's signature for each dimension. Multiple inconsistencies indicate that the likelihood of a threat is high.
  • CAT can search the database of signatures to possibly identify the intruder.
  • CAT can be configured to run as a rootkit on users' computers; it will not significantly, if any, interfere with computer performance or user productivity.
  • Key characteristics of the system include, but are not limited to, capable of being deployed through active directory group policies (and similar programs) to all computers in an organization; the group policy for verifying that CAT is running to allow login; low- footprint (e.g., consumes minimal computer resources and thereby does not interfere with daily operations); mousing, typing, usage, and/or other behavioral data are analyzed at the client level; to protect privacy, only a hashed version of the user signature can be passed to the authentication server for continuous authentication; not a "key logger" and doesn't violate a person's privacy; can compute or generate signatures for different devices (e.g., desktop, iPad, smart phone, etc.; can compute or generate signatures for different applications (e.g., people will mouse / type differently depending on whether they are composing a document or playing a game); if an intruder is suspected or detected
  • Systems and methods of the invention can perform continuous authentication via monitoring users computing behaviors to identify possible intruders.
  • the invention has many advantages over alternative authentication methods that can be imitated, require expensive equipment, or are reliant on users securing their resources (e.g., locking their computer).
  • the data capture and analysis can run continuously in the background of the computer system during normal workday activities, and continuously authenticates users; the system can analyze multiple biometric and behavioral dimensions to increase detection rate while decreasing false positive rate; biometric and behavioral behavior are analyzed at the client level; allow presenting/passing only a hashed signature to the authentication server to establish the identity of the user; CAT is a low- footprint rootkit that does not decrease the performance of the computer; users need not be aware of the data collection that is taking place; computers can be immediately locked and/or administrator notified if an intruder is detected or suspected; if the intruder's signature is in the database (i.e., a member of the organization), he or she can be identified; the system is not easily fooled, as an imposter would trigger anomalous event typically manifests itself as subtle differences in movement behavior that occurs between 20 and 100 milliseconds.
  • Attempts to modify one's behavior can be flagged as abnormal, thus identifying individuals attempting to fool the system; and CAT does not require any special hardware to deploy; it works with the existing infrastructure (mouses, keyboards, touchpads, etc.).
  • the invention provides a low-cost, reliable, continuous authentication tool that can detect and identify insider threats accessing unauthorized resources in an organization.
  • CAT can consist of either providing them with remote login software or extending secure remote login software such as Security Shell (SSH). The administrator then requires that users use this particular remote login implementation for remote access.
  • SSH Security Shell
  • a connections list established by the traffic analyzer is compared against the active users list maintained by the core biometrics detector, and possible discrepancies are then reported as intrusions to the security administrator. This applies even when the data collection module is installed on the target machine.
  • the network analyzer detects resource usage on the target machine while there is no biometrics data collected during a session, this will raise the possibility that corresponding network traffic is due to a malicious process, which is not being executed by a legitimate user.
  • the biometrics detector is able to monitor activities on the target machine while the network analyzer failed to detect the network traffic resulting from such activities, this will raise the possibility that the attacker managed to modify the behavior of the running application.
  • secure communication protocols for client and server interactions are used.
  • Mouse usage characteristics can be broadly classified as, for example, but not limited to, one of the following categories: movement or no movement; drag and drop (the action starts with mouse button down, movement, then mouse button up); and Point & Click (mouse movement followed by a click or double click). Different approaches are used in each category to collect the usage characteristics. Some examples of the usage characteristics for each analysis are the following: calculating the average speed against the traveled distance; calculating the average speed against the movement direction (eight directions are considered); calculating the average traveled distance for a specific period of time with respect to different movement directions, calculating the acceleration of a mouse usage, calculating the precision of a movement,. From such data one can determine a usage characteristic for the different directions.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Social Psychology (AREA)
  • Hospice & Palliative Care (AREA)
  • Heart & Thoracic Surgery (AREA)
  • Developmental Disabilities (AREA)
  • Psychiatry (AREA)
  • Psychology (AREA)
  • Child & Adolescent Psychology (AREA)
  • Biophysics (AREA)
  • Pathology (AREA)
  • Biomedical Technology (AREA)
  • Educational Technology (AREA)
  • Medical Informatics (AREA)
  • Molecular Biology (AREA)
  • Surgery (AREA)
  • Animal Behavior & Ethology (AREA)
  • Public Health (AREA)
  • Veterinary Medicine (AREA)
  • User Interface Of Digital Computer (AREA)

Abstract

La présente invention concerne un système et un procédé permettant de déterminer l'identité d'utilisateurs grâce à une surveillance permanente de l'utilisation de dispositifs d'entrée. Selon certains modes de réalisation, cette invention a trait à un système et un procédé conçus pour établir les profils de l'utilisateur d'un ordinateur sur la base de la biométrique comportementale. Le procédé comprend globalement l'établissement de profils d'un certain utilisateur d'un ordinateur suivant comment et de quelle manière un dispositif d'entrée est utilisé.
PCT/US2014/043056 2013-06-19 2014-06-18 Outil d'authentification permanente Ceased WO2014205148A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361837153P 2013-06-19 2013-06-19
US61/837,153 2013-06-19

Publications (1)

Publication Number Publication Date
WO2014205148A1 true WO2014205148A1 (fr) 2014-12-24

Family

ID=52105254

Family Applications (2)

Application Number Title Priority Date Filing Date
PCT/US2014/043056 Ceased WO2014205148A1 (fr) 2013-06-19 2014-06-18 Outil d'authentification permanente
PCT/US2014/043057 Ceased WO2014205149A1 (fr) 2013-06-19 2014-06-18 Procédé de détection automatisée d'une menace interne

Family Applications After (1)

Application Number Title Priority Date Filing Date
PCT/US2014/043057 Ceased WO2014205149A1 (fr) 2013-06-19 2014-06-18 Procédé de détection automatisée d'une menace interne

Country Status (2)

Country Link
US (2) US10524713B2 (fr)
WO (2) WO2014205148A1 (fr)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105306496A (zh) * 2015-12-02 2016-02-03 中国科学院软件研究所 用户身份检测方法和系统
US9392460B1 (en) 2016-01-02 2016-07-12 International Business Machines Corporation Continuous user authentication tool for mobile device communications
EP3410328A1 (fr) * 2017-05-31 2018-12-05 Deutsche Telekom AG Procédé et système de distinction entre un être humain et un robot en tant qu'utilisateur d'un dispositif intelligent mobile
EP3410329A1 (fr) * 2017-05-31 2018-12-05 Deutsche Telekom AG Procédé et système de détection des entrées irrégulières pour des applications de traitement de données
US11095641B1 (en) 2018-12-20 2021-08-17 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
US11159520B1 (en) 2018-12-20 2021-10-26 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
IT202100016136A1 (it) 2021-06-21 2022-12-21 G Lab S R L Metodo di identificazione di utente durante accessi tramite computer, e relativo sistema
US11663297B2 (en) * 2016-03-10 2023-05-30 Dell Products, Lp System and method to assess anomalous behavior on an information handling system using indirect identifiers
US12039021B2 (en) 2019-03-07 2024-07-16 British Telecommunications Public Limited Company Multi-level classifier based access control
US12248544B2 (en) 2020-02-20 2025-03-11 Hewlett-Packard Development Company, L.P. User authentication based on biometric data
US12277648B2 (en) 2019-07-30 2025-04-15 British Telecommunications Public Limited Company Duct blockage risk location prediction
US12314362B2 (en) 2019-07-16 2025-05-27 British Telecommunications Public Limited Company User authentication based on behavioral biometrics
IT202300027951A1 (it) * 2023-12-22 2025-06-22 Learning Experience Arch S R L Sistema e metodo per autenticare un utente
US12399965B2 (en) 2019-03-07 2025-08-26 British Telecommunications Public Limited Company Access control classifier training
US12425193B2 (en) 2019-09-12 2025-09-23 British Telecommunications Public Limited Company Resource access control
US12554811B2 (en) 2019-03-07 2026-02-17 British Telecommunications Public Limited Company Access control

Families Citing this family (183)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101739058B1 (ko) * 2014-04-24 2017-05-25 주식회사 바이브라시스템 동영상 기반 생리 신호 검출을 이용한 왜곡에 대한 정신생리적 탐지 (거짓말 탐지) 방법 및 장치
US9729583B1 (en) 2016-06-10 2017-08-08 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US9547971B2 (en) * 2014-12-27 2017-01-17 Intel Corporation Technologies for determining a threat assessment based on fear responses
US10368792B2 (en) * 2015-06-02 2019-08-06 The Charles Stark Draper Laboratory Inc. Method for detecting deception and predicting interviewer accuracy in investigative interviewing using interviewer, interviewee and dyadic physiological and behavioral measurements
US11100201B2 (en) * 2015-10-21 2021-08-24 Neurametrix, Inc. Method and system for authenticating a user through typing cadence
US11244367B2 (en) 2016-04-01 2022-02-08 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US10706447B2 (en) 2016-04-01 2020-07-07 OneTrust, LLC Data processing systems and communication systems and methods for the efficient generation of privacy risk assessments
US12288233B2 (en) 2016-04-01 2025-04-29 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US11004125B2 (en) 2016-04-01 2021-05-11 OneTrust, LLC Data processing systems and methods for integrating privacy information management systems with data loss prevention tools or other tools for privacy design
US20170300560A1 (en) * 2016-04-18 2017-10-19 Ebay Inc. Context modification of queries
US11475136B2 (en) 2016-06-10 2022-10-18 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US11481710B2 (en) 2016-06-10 2022-10-25 OneTrust, LLC Privacy management systems and methods
US11151233B2 (en) 2016-06-10 2021-10-19 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10454973B2 (en) 2016-06-10 2019-10-22 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10510031B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US10706131B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US11238390B2 (en) 2016-06-10 2022-02-01 OneTrust, LLC Privacy management systems and methods
US11625502B2 (en) 2016-06-10 2023-04-11 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US10565236B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11651104B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Consent receipt management systems and related methods
US11651106B2 (en) 2016-06-10 2023-05-16 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10726158B2 (en) 2016-06-10 2020-07-28 OneTrust, LLC Consent receipt management and automated process blocking systems and related methods
US11301796B2 (en) 2016-06-10 2022-04-12 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11210420B2 (en) 2016-06-10 2021-12-28 OneTrust, LLC Data subject access request processing systems and related methods
US12591828B2 (en) 2016-06-10 2026-03-31 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11038925B2 (en) 2016-06-10 2021-06-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10713387B2 (en) 2016-06-10 2020-07-14 OneTrust, LLC Consent conversion optimization systems and related methods
US10776517B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for calculating and communicating cost of fulfilling data subject access requests and related methods
US10509894B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11295316B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US11228620B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10796260B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Privacy management systems and methods
US10776518B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Consent receipt management systems and related methods
US11366909B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10607028B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US10776514B2 (en) 2016-06-10 2020-09-15 OneTrust, LLC Data processing systems for the identification and deletion of personal data in computer systems
US11341447B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Privacy management systems and methods
US11144622B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Privacy management systems and methods
US11188615B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Data processing consent capture systems and related methods
US10740487B2 (en) 2016-06-10 2020-08-11 OneTrust, LLC Data processing systems and methods for populating and maintaining a centralized database of personal data
US11057356B2 (en) 2016-06-10 2021-07-06 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US10949170B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US12118121B2 (en) 2016-06-10 2024-10-15 OneTrust, LLC Data subject access request processing systems and related methods
US10242228B2 (en) 2016-06-10 2019-03-26 OneTrust, LLC Data processing systems for measuring privacy maturity within an organization
US10353673B2 (en) 2016-06-10 2019-07-16 OneTrust, LLC Data processing systems for integration of consumer feedback with data subject access requests and related methods
US10467432B2 (en) 2016-06-10 2019-11-05 OneTrust, LLC Data processing systems for use in automatically generating, populating, and submitting data subject access requests
US11138242B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US10878127B2 (en) 2016-06-10 2020-12-29 OneTrust, LLC Data subject access request processing systems and related methods
US10565397B1 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10853501B2 (en) 2016-06-10 2020-12-01 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11520928B2 (en) 2016-06-10 2022-12-06 OneTrust, LLC Data processing systems for generating personal data receipts and related methods
US11416798B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11675929B2 (en) 2016-06-10 2023-06-13 OneTrust, LLC Data processing consent sharing systems and related methods
US10848523B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11562097B2 (en) 2016-06-10 2023-01-24 OneTrust, LLC Data processing systems for central consent repository and related methods
US10496803B2 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing systems and methods for efficiently assessing the risk of privacy campaigns
US12381915B2 (en) 2016-06-10 2025-08-05 OneTrust, LLC Data processing systems and methods for performing assessments and monitoring of new versions of computer code for compliance
US11354434B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11134086B2 (en) 2016-06-10 2021-09-28 OneTrust, LLC Consent conversion optimization systems and related methods
US11366786B2 (en) 2016-06-10 2022-06-21 OneTrust, LLC Data processing systems for processing data subject access requests
US10614247B2 (en) 2016-06-10 2020-04-07 OneTrust, LLC Data processing systems for automated classification of personal information from documents and related methods
US10169609B1 (en) 2016-06-10 2019-01-01 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11222309B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11343284B2 (en) 2016-06-10 2022-05-24 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US10496846B1 (en) 2016-06-10 2019-12-03 OneTrust, LLC Data processing and communications systems and methods for the efficient implementation of privacy by design
US10282700B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11416589B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11074367B2 (en) 2016-06-10 2021-07-27 OneTrust, LLC Data processing systems for identity validation for consumer rights requests and related methods
US10798133B2 (en) 2016-06-10 2020-10-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10769301B2 (en) 2016-06-10 2020-09-08 OneTrust, LLC Data processing systems for webform crawling to map processing activities and related methods
US10706176B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data-processing consent refresh, re-prompt, and recapture systems and related methods
US10944725B2 (en) 2016-06-10 2021-03-09 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US11138299B2 (en) 2016-06-10 2021-10-05 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11544667B2 (en) 2016-06-10 2023-01-03 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10896394B2 (en) 2016-06-10 2021-01-19 OneTrust, LLC Privacy management systems and methods
US10708305B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Automated data processing systems and methods for automatically processing requests for privacy-related information
US10997318B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for generating and populating a data inventory for processing data access requests
US11336697B2 (en) 2016-06-10 2022-05-17 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11222139B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems and methods for automatic discovery and assessment of mobile software development kits
US10592648B2 (en) * 2016-06-10 2020-03-17 OneTrust, LLC Consent receipt management systems and related methods
US10873606B2 (en) 2016-06-10 2020-12-22 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10503926B2 (en) 2016-06-10 2019-12-10 OneTrust, LLC Consent receipt management systems and related methods
US10846433B2 (en) 2016-06-10 2020-11-24 OneTrust, LLC Data processing consent management systems and related methods
US11586700B2 (en) 2016-06-10 2023-02-21 OneTrust, LLC Data processing systems and methods for automatically blocking the use of tracking tools
US10706379B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for automatic preparation for remediation and related methods
US10606916B2 (en) 2016-06-10 2020-03-31 OneTrust, LLC Data processing user interface monitoring systems and related methods
US10678945B2 (en) 2016-06-10 2020-06-09 OneTrust, LLC Consent receipt management systems and related methods
US10565161B2 (en) 2016-06-10 2020-02-18 OneTrust, LLC Data processing systems for processing data subject access requests
US10706174B2 (en) 2016-06-10 2020-07-07 OneTrust, LLC Data processing systems for prioritizing data subject access requests for fulfillment and related methods
US11227247B2 (en) 2016-06-10 2022-01-18 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US10803200B2 (en) 2016-06-10 2020-10-13 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11354435B2 (en) 2016-06-10 2022-06-07 OneTrust, LLC Data processing systems for data testing to confirm data deletion and related methods
US11277448B2 (en) 2016-06-10 2022-03-15 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10783256B2 (en) 2016-06-10 2020-09-22 OneTrust, LLC Data processing systems for data transfer risk identification and related methods
US10685140B2 (en) 2016-06-10 2020-06-16 OneTrust, LLC Consent receipt management systems and related methods
US10885485B2 (en) 2016-06-10 2021-01-05 OneTrust, LLC Privacy management systems and methods
US11403377B2 (en) 2016-06-10 2022-08-02 OneTrust, LLC Privacy management systems and methods
US10284604B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing and scanning systems for generating and populating a data inventory
US12052289B2 (en) 2016-06-10 2024-07-30 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US10762236B2 (en) 2016-06-10 2020-09-01 OneTrust, LLC Data processing user interface monitoring systems and related methods
US11100444B2 (en) 2016-06-10 2021-08-24 OneTrust, LLC Data processing systems and methods for providing training in a vendor procurement process
US11416109B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Automated data processing systems and methods for automatically processing data subject access requests using a chatbot
US10585968B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10909265B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Application privacy scanning systems and related methods
US12045266B2 (en) 2016-06-10 2024-07-23 OneTrust, LLC Data processing systems for generating and populating a data inventory
US10642870B2 (en) 2016-06-10 2020-05-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11025675B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for performing privacy assessments and monitoring of new versions of computer code for privacy compliance
US11200341B2 (en) 2016-06-10 2021-12-14 OneTrust, LLC Consent receipt management systems and related methods
US10909488B2 (en) 2016-06-10 2021-02-02 OneTrust, LLC Data processing systems for assessing readiness for responding to privacy-related incidents
US11418492B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing systems and methods for using a data model to select a target data asset in a data migration
US12136055B2 (en) 2016-06-10 2024-11-05 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11023842B2 (en) 2016-06-10 2021-06-01 OneTrust, LLC Data processing systems and methods for bundled privacy policies
US10572686B2 (en) 2016-06-10 2020-02-25 OneTrust, LLC Consent receipt management systems and related methods
US11157600B2 (en) 2016-06-10 2021-10-26 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US11392720B2 (en) 2016-06-10 2022-07-19 OneTrust, LLC Data processing systems for verification of consent and notice processing and related methods
US11222142B2 (en) 2016-06-10 2022-01-11 OneTrust, LLC Data processing systems for validating authorization for personal data collection, storage, and processing
US10997315B2 (en) 2016-06-10 2021-05-04 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US10509920B2 (en) 2016-06-10 2019-12-17 OneTrust, LLC Data processing systems for processing data subject access requests
US10282559B2 (en) 2016-06-10 2019-05-07 OneTrust, LLC Data processing systems for identifying, assessing, and remediating data processing risks using data modeling techniques
US11328092B2 (en) 2016-06-10 2022-05-10 OneTrust, LLC Data processing systems for processing and managing data subject access in a distributed environment
US11727141B2 (en) 2016-06-10 2023-08-15 OneTrust, LLC Data processing systems and methods for synching privacy-related user consent across multiple computing devices
US11087260B2 (en) 2016-06-10 2021-08-10 OneTrust, LLC Data processing systems and methods for customizing privacy training
US11146566B2 (en) 2016-06-10 2021-10-12 OneTrust, LLC Data processing systems for fulfilling data subject access requests and related methods
US11188862B2 (en) 2016-06-10 2021-11-30 OneTrust, LLC Privacy management systems and methods
US10592692B2 (en) 2016-06-10 2020-03-17 OneTrust, LLC Data processing systems for central consent repository and related methods
US10949565B2 (en) 2016-06-10 2021-03-16 OneTrust, LLC Data processing systems for generating and populating a data inventory
US11636171B2 (en) 2016-06-10 2023-04-25 OneTrust, LLC Data processing user interface monitoring systems and related methods
US12299065B2 (en) 2016-06-10 2025-05-13 OneTrust, LLC Data processing systems and methods for dynamically determining data processing consent configurations
US10839102B2 (en) 2016-06-10 2020-11-17 OneTrust, LLC Data processing systems for identifying and modifying processes that are subject to data subject access requests
US11294939B2 (en) 2016-06-10 2022-04-05 OneTrust, LLC Data processing systems and methods for automatically detecting and documenting privacy-related aspects of computer software
US11438386B2 (en) 2016-06-10 2022-09-06 OneTrust, LLC Data processing systems for data-transfer risk identification, cross-border visualization generation, and related methods
US11416590B2 (en) 2016-06-10 2022-08-16 OneTrust, LLC Data processing and scanning systems for assessing vendor risk
US10586075B2 (en) 2016-06-10 2020-03-10 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US10416966B2 (en) 2016-06-10 2019-09-17 OneTrust, LLC Data processing systems for identity validation of data subject access requests and related methods
US10318761B2 (en) 2016-06-10 2019-06-11 OneTrust, LLC Data processing systems and methods for auditing data request compliance
US11461500B2 (en) 2016-06-10 2022-10-04 OneTrust, LLC Data processing systems for cookie compliance testing with website scanning and related methods
US10915644B2 (en) 2017-05-15 2021-02-09 Forcepoint, LLC Collecting data for centralized use in an adaptive trust profile event via an endpoint
US10129269B1 (en) 2017-05-15 2018-11-13 Forcepoint, LLC Managing blockchain access to user profile information
US10999297B2 (en) 2017-05-15 2021-05-04 Forcepoint, LLC Using expected behavior of an entity when prepopulating an adaptive trust profile
US10999296B2 (en) 2017-05-15 2021-05-04 Forcepoint, LLC Generating adaptive trust profiles using information derived from similarly situated organizations
US9882918B1 (en) 2017-05-15 2018-01-30 Forcepoint, LLC User behavior profile in a blockchain
US10917423B2 (en) 2017-05-15 2021-02-09 Forcepoint, LLC Intelligently differentiating between different types of states and attributes when using an adaptive trust profile
US10862927B2 (en) 2017-05-15 2020-12-08 Forcepoint, LLC Dividing events into sessions during adaptive trust profile operations
US10013577B1 (en) 2017-06-16 2018-07-03 OneTrust, LLC Data processing systems for identifying whether cookies contain personally identifying information
JP6972689B2 (ja) * 2017-06-16 2021-11-24 コニカミノルタ株式会社 データ処理装置、データ処理の実行制御方法及びプログラム
US10318729B2 (en) 2017-07-26 2019-06-11 Forcepoint, LLC Privacy protection during insider threat monitoring
US11294898B2 (en) 2017-07-31 2022-04-05 Pearson Education, Inc. System and method of automated assessment generation
US10719592B1 (en) 2017-09-15 2020-07-21 Wells Fargo Bank, N.A. Input/output privacy tool
US20230328086A1 (en) * 2017-11-27 2023-10-12 Lacework, Inc. Detecting Anomalous Behavior Using A Browser Extension
US10719832B1 (en) 2018-01-12 2020-07-21 Wells Fargo Bank, N.A. Fraud prevention tool
WO2019213376A1 (fr) * 2018-05-02 2019-11-07 Arizona Board Of Regents On Behalf Of The University Of Arizona Systèmes et procédés de détection d'accès non autorisé à des fichiers
US10803202B2 (en) 2018-09-07 2020-10-13 OneTrust, LLC Data processing systems for orphaned data identification and deletion and related methods
US11144675B2 (en) 2018-09-07 2021-10-12 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
US11544409B2 (en) 2018-09-07 2023-01-03 OneTrust, LLC Data processing systems and methods for automatically protecting sensitive data within privacy management systems
WO2020176978A1 (fr) 2019-03-01 2020-09-10 Mastercard Technologies Canada ULC Service d'origine d'application en ligne (oao) durci à dérive de caractéristique pour des systèmes de prévention de fraude
US20220270716A1 (en) * 2019-04-05 2022-08-25 Ellipsis Health, Inc. Confidence evaluation to measure trust in behavioral health survey results
US10997295B2 (en) 2019-04-26 2021-05-04 Forcepoint, LLC Adaptive trust profile reference architecture
US11928683B2 (en) 2019-10-01 2024-03-12 Mastercard Technologies Canada ULC Feature encoding in online application origination (OAO) service for a fraud prevention system
CN111603183B (zh) * 2020-05-11 2022-09-16 天津印测科技有限公司 获取症状无谎数据的移动互联递进探索刺激的系统和方法
WO2022011142A1 (fr) 2020-07-08 2022-01-13 OneTrust, LLC Systèmes et procédés pour la découverte de données ciblées
WO2022026564A1 (fr) 2020-07-28 2022-02-03 OneTrust, LLC Systèmes et procédés permettant de bloquer automatiquement l'utilisation d'outils de suivi
US11475165B2 (en) 2020-08-06 2022-10-18 OneTrust, LLC Data processing systems and methods for automatically redacting unstructured data from a data subject access request
WO2022060860A1 (fr) 2020-09-15 2022-03-24 OneTrust, LLC Systèmes de traitement de données et procédés de détection d'outils pour le blocage automatique de demandes de consentement
US12566885B2 (en) 2020-09-21 2026-03-03 OneTrust, LLC Data processing systems and methods for automatically detecting target data transfers and target data processing
US12265896B2 (en) 2020-10-05 2025-04-01 OneTrust, LLC Systems and methods for detecting prejudice bias in machine-learning models
WO2022099023A1 (fr) 2020-11-06 2022-05-12 OneTrust, LLC Systèmes et procédés d'identification d'activités de traitement de données sur la base de résultats de découverte de données
US11687528B2 (en) 2021-01-25 2023-06-27 OneTrust, LLC Systems and methods for discovery, classification, and indexing of data in a native computing system
WO2022170047A1 (fr) 2021-02-04 2022-08-11 OneTrust, LLC Gestion d'attributs personnalisés pour des objets de domaine définis dans des microservices
US11494515B2 (en) 2021-02-08 2022-11-08 OneTrust, LLC Data processing systems and methods for anonymizing data samples in classification analysis
US11601464B2 (en) 2021-02-10 2023-03-07 OneTrust, LLC Systems and methods for mitigating risks of third-party computing system functionality integration into a first-party computing system
WO2022178089A1 (fr) 2021-02-17 2022-08-25 OneTrust, LLC Gestion de flux de travaux sur mesure pour des objets de domaine définis au sein de micro-services
WO2022178219A1 (fr) 2021-02-18 2022-08-25 OneTrust, LLC Édition sélective de contenu multimédia
EP4305539A1 (fr) 2021-03-08 2024-01-17 OneTrust, LLC Systèmes de découverte et d'analyse de transfert de données et procédés associés
US11562078B2 (en) 2021-04-16 2023-01-24 OneTrust, LLC Assessing and managing computational risk involved with integrating third party computing functionality within a computing system
US12357210B2 (en) 2021-05-05 2025-07-15 Discern Science International, Inc. Distributed discernment detection system with plural user interface devices
US12079423B2 (en) 2021-05-27 2024-09-03 Jonathan White Rapidly capturing user input
US12153704B2 (en) 2021-08-05 2024-11-26 OneTrust, LLC Computing platform for facilitating data exchange among computing environments
IT202100021104A1 (it) 2021-08-05 2021-11-05 Cia Puglia Servizi S R L Sistema e metodo per l’individuazione di anomalie di sicurezza nell’utilizzo di dati contenuti in database multi-accesso nell’ambito di servizi front-office e back-office
US12010152B2 (en) 2021-12-08 2024-06-11 Bank Of America Corporation Information security systems and methods for cyber threat event prediction and mitigation
US12354604B2 (en) 2022-04-24 2025-07-08 Discern Science International, Inc. Distributed discernment system
US11620142B1 (en) 2022-06-03 2023-04-04 OneTrust, LLC Generating and customizing user interfaces for demonstrating functions of interactive user environments
US20250021916A1 (en) * 2023-07-13 2025-01-16 International Business Machines Corporation Refining worker engagement surveys via human-computer interaction
US20250247454A1 (en) * 2024-01-25 2025-07-31 Makor Analytics, Inc. Behavioral analytics platform with enhanced behavioral analysis and classification with mobile data collection

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060224898A1 (en) * 2003-05-02 2006-10-05 Ahmed Ahmed E System and method for determining a computer user profile from a motion-based input device
US7222360B1 (en) * 2002-11-27 2007-05-22 Sprint Communications Company L.P. Continuous biometric authentication using frame preamble for biometric data
US7245218B2 (en) * 2003-09-12 2007-07-17 Curtis Satoru Ikehara Input device to continuously detect biometrics
US20090089869A1 (en) * 2006-04-28 2009-04-02 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6307956B1 (en) * 1998-04-07 2001-10-23 Gerald R. Black Writing implement for identity verification system
US6539101B1 (en) * 1998-04-07 2003-03-25 Gerald R. Black Method for identity verification
US20020054082A1 (en) * 1999-01-02 2002-05-09 Karpf Ronald S. System and method for providing accurate geocoding of responses to location questions in a computer assisted self interview
US7961917B2 (en) * 1999-02-10 2011-06-14 Pen-One, Inc. Method for identity verification
US6871287B1 (en) 2000-01-21 2005-03-22 John F. Ellingson System and method for verification of identity
US20070191691A1 (en) 2005-05-19 2007-08-16 Martin Polanco Identification of guilty knowledge and malicious intent
US8086730B2 (en) 2009-05-13 2011-12-27 International Business Machines Corporation Method and system for monitoring a workstation
US9703953B2 (en) * 2010-11-29 2017-07-11 Biocatch Ltd. Method, device, and system of differentiating among users based on user classification
US10037421B2 (en) * 2010-11-29 2018-07-31 Biocatch Ltd. Device, system, and method of three-dimensional spatial user authentication
US9531733B2 (en) * 2010-11-29 2016-12-27 Biocatch Ltd. Device, system, and method of detecting a remote access user
US9536071B2 (en) * 2010-11-29 2017-01-03 Biocatch Ltd. Method, device, and system of differentiating among users based on platform configurations
US8793790B2 (en) * 2011-10-11 2014-07-29 Honeywell International Inc. System and method for insider threat detection
US20140078061A1 (en) * 2012-09-20 2014-03-20 Teledyne Scientific & Imaging, Llc Cognitive biometrics using mouse perturbation
US10248804B2 (en) * 2014-01-31 2019-04-02 The Arizona Board Of Regents On Behalf Of The University Of Arizona Fraudulent application detection system and method of use

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7222360B1 (en) * 2002-11-27 2007-05-22 Sprint Communications Company L.P. Continuous biometric authentication using frame preamble for biometric data
US20060224898A1 (en) * 2003-05-02 2006-10-05 Ahmed Ahmed E System and method for determining a computer user profile from a motion-based input device
US7245218B2 (en) * 2003-09-12 2007-07-17 Curtis Satoru Ikehara Input device to continuously detect biometrics
US20090089869A1 (en) * 2006-04-28 2009-04-02 Oracle International Corporation Techniques for fraud monitoring and detection using application fingerprinting

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105306496B (zh) * 2015-12-02 2020-04-14 中国科学院软件研究所 用户身份检测方法和系统
CN105306496A (zh) * 2015-12-02 2016-02-03 中国科学院软件研究所 用户身份检测方法和系统
US9392460B1 (en) 2016-01-02 2016-07-12 International Business Machines Corporation Continuous user authentication tool for mobile device communications
US10303864B2 (en) 2016-01-02 2019-05-28 International Business Machines Corporation Continuous user authentication tool for mobile device communications
US11663297B2 (en) * 2016-03-10 2023-05-30 Dell Products, Lp System and method to assess anomalous behavior on an information handling system using indirect identifiers
EP3410328A1 (fr) * 2017-05-31 2018-12-05 Deutsche Telekom AG Procédé et système de distinction entre un être humain et un robot en tant qu'utilisateur d'un dispositif intelligent mobile
EP3410329A1 (fr) * 2017-05-31 2018-12-05 Deutsche Telekom AG Procédé et système de détection des entrées irrégulières pour des applications de traitement de données
US11695759B1 (en) 2018-12-20 2023-07-04 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
US11159520B1 (en) 2018-12-20 2021-10-26 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
US11095641B1 (en) 2018-12-20 2021-08-17 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
US11736477B1 (en) 2018-12-20 2023-08-22 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
US12155650B2 (en) 2018-12-20 2024-11-26 Wells Fargo Bank, N.A. Systems and methods for passive continuous session authentication
US12399965B2 (en) 2019-03-07 2025-08-26 British Telecommunications Public Limited Company Access control classifier training
US12039021B2 (en) 2019-03-07 2024-07-16 British Telecommunications Public Limited Company Multi-level classifier based access control
US12554811B2 (en) 2019-03-07 2026-02-17 British Telecommunications Public Limited Company Access control
US12314362B2 (en) 2019-07-16 2025-05-27 British Telecommunications Public Limited Company User authentication based on behavioral biometrics
US12277648B2 (en) 2019-07-30 2025-04-15 British Telecommunications Public Limited Company Duct blockage risk location prediction
US12425193B2 (en) 2019-09-12 2025-09-23 British Telecommunications Public Limited Company Resource access control
US12248544B2 (en) 2020-02-20 2025-03-11 Hewlett-Packard Development Company, L.P. User authentication based on biometric data
IT202100016136A1 (it) 2021-06-21 2022-12-21 G Lab S R L Metodo di identificazione di utente durante accessi tramite computer, e relativo sistema
IT202300027951A1 (it) * 2023-12-22 2025-06-22 Learning Experience Arch S R L Sistema e metodo per autenticare un utente

Also Published As

Publication number Publication date
US20200163605A1 (en) 2020-05-28
US10524713B2 (en) 2020-01-07
WO2014205149A1 (fr) 2014-12-24
US20160143570A1 (en) 2016-05-26

Similar Documents

Publication Publication Date Title
WO2014205148A1 (fr) Outil d'authentification permanente
Kambourakis et al. Introducing touchstroke: keystroke‐based authentication system for smartphones
Raza et al. A survey of password attacks and comparative analysis on methods for secure authentication
RU2767710C2 (ru) Система и способ обнаружения удаленного управления средством удаленного администрирования с использованием сигнатур
US9400879B2 (en) Method and system for providing authentication through aggregate analysis of behavioral and time patterns
Pusara et al. User re-authentication via mouse movements
US8443443B2 (en) Security system and method for detecting intrusion in a computerized system
CA2535542C (fr) Systeme et procede pour determiner un profil d'utilisateurs d'ordinateurs a partir d'un dispositif de saisie fonde sur le mouvement
US20110314549A1 (en) Method and apparatus for periodic context-aware authentication
US20130239191A1 (en) Biometric authentication
US20110314558A1 (en) Method and apparatus for context-aware authentication
US20130263240A1 (en) Method for authentication and verification of user identity
CN107615706A (zh) 持续用户认证
Wang et al. Insider threat detection using characterizing user behavior
Zhang et al. Anteater: Advanced persistent threat detection with program network traffic behavior
Ferreira et al. Keystroke dynamics for continuous access control enforcement
Stanić Continuous user verification based on behavioral biometrics using mouse dynamics
JP6890559B2 (ja) アクセス分析システム及びアクセス分析方法
Eddermoug et al. Ppsa: Profiling and preventing security attacks in cloud computing
CN113364744A (zh) 基于windows日志对域用户登录认证异常的检测方法及系统
Shobha et al. AI-Powered Behavioral Biometrics for Continuous Authentication
Alqatawna An adaptive multimodal biometric framework for intrusion detection in online social networks
Neal et al. Mobile biometrics, replay attacks, and behavior profiling: An empirical analysis of impostor detection
Shakir Applying Human Behaviour Recognition in Cloud Authentication Method—A Review
Alguliev et al. Illegal access detection in the cloud computing environment

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14813318

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14813318

Country of ref document: EP

Kind code of ref document: A1